CrossNodes Product Briefing: Encryption Software

Technology writers and editors take every conceivable opportunity to remind Web-boomers that "everything old is new again". Cryptography has its roots in the first part of the 16th century, when the first treatise on the subject was published. Since then, virtually every schoolchild has used basic cryptography as a childhood game where a=1, b=2, c=3 and so on.

Cryptography is the conversion of data (or "plaintext") into a secret code for transmission. An encryption algorithm codes the original text into "ciphertext". Once transmitted, the text is decoded (decrypted) back to the original text. The concept is as simple as child's play, and often is child's play. Modern data encryption is not so simple, but it is an extremely effective security tool. Network managers can choose from sophisticated encryption protection for enterprise or network data as well as lower-end products that will protect Internet transmissions.

Encryption products for networks can be used at several levels and provide a variety of functions. The following list details some product functionality terms:

Encrypts directory level -- allows users to encrypt a specific directory and any subdirectories that reside below that directory.

Screen lock feature -- prevents users who do not have the proper keys from entering data to a screen.

Locks PC/Boot lock -- requires authorization before a user can start the PC.

Supports public key encryption -- uses an encryption key that is available to the public. The receiving system must know which key is being used in order to decipher the message.

Supports private key encryption -- implements an encryption key that is available only to that network. Two systems must use the same key to establish data transfers.

Audit log of access attempts -- maintains a record of all accesses to the system files and data transfers.

Up until a year ago, encryption technology was at a crossroads. U.S. Government regulations limited encryption developers who wanted to export their products to keys of 40 bits or smaller unless they had a special permit. This effectively precluded U.S. vendors from competing in international markets. As a result, other countries had created their own encryption methods, and a worldwide standard did not exist. This obviously hurt the growth of a global market, especially in areas like the Internet.

As Congress and the encryption industry debated changes to the U.S. regulations and advances in encryption implementation, federal law enforcement agencies had requested a law to require users to register all keys used in encryption.

In July of 2000, the Clinton administration updated its policies to allow U.S. companies to export encryption products to the 15 members of the European Union (EU) and other European and Pacific Rim allies without a license. Exporters no longer had to undergo a 30-day technical review for shipments to these countries. That coincided with regulations adopted by the EU that eased encryption exports to the same countries.